Jump to content

Xander87

Members
  • Posts

    7
  • Joined

  • Last visited

Reputation

0 Neutral

About Xander87

  • Birthday December 28
  1. Unfortunately I must close this topic as-is, as the owner has grown impatient and decided to take it to "the shop" against my wishes. Thank you Maurice for all of your help, time and patience, and hard work on this issue. It was much appreciated.
  2. I managed to run TDSSKiller by some miracle ( changed {"C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon" /o} to {"C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm" /o} and let it load the driver and quickly ran TDSS from within the Chameleon folder. However, even in normal mode TDSS found nothing. Here's the report: 14:38:29.0566 1436 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 14:38:29.0800 1436 ============================================================ 14:38:29.0800 1436 Current date / time: 2013/02/28 14:38:29.0800 14:38:29.0800 1436 SystemInfo: 14:38:29.0800 1436 14:38:29.0800 1436 OS Version: 6.1.7601 ServicePack: 1.0 14:38:29.0800 1436 Product type: Workstation 14:38:29.0800 1436 ComputerName: MESHALYNN-PC 14:38:29.0800 1436 UserName: Mesha Lynn 14:38:29.0800 1436 Windows directory: C:\windows 14:38:29.0800 1436 System windows directory: C:\windows 14:38:29.0800 1436 Running under WOW64 14:38:29.0800 1436 Processor architecture: Intel x64 14:38:29.0800 1436 Number of processors: 2 14:38:29.0800 1436 Page size: 0x1000 14:38:29.0800 1436 Boot type: Normal boot 14:38:29.0800 1436 ============================================================ 14:38:33.0170 1436 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 14:38:33.0185 1436 ============================================================ 14:38:33.0185 1436 \Device\Harddisk0\DR0: 14:38:33.0185 1436 MBR partitions: 14:38:33.0185 1436 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x23A94800 14:38:33.0185 1436 ============================================================ 14:38:33.0217 1436 C: <-> \Device\Harddisk0\DR0\Partition1 14:38:33.0217 1436 ============================================================ 14:38:33.0217 1436 Initialize success 14:38:33.0217 1436 ============================================================ 14:38:50.0954 1652 ============================================================ 14:38:50.0954 1652 Scan started 14:38:50.0954 1652 Mode: Manual; 14:38:50.0954 1652 ============================================================ 14:38:51.0968 1652 ================ Scan system memory ======================== 14:38:51.0968 1652 System memory - ok 14:38:51.0983 1652 ================ Scan services ============================= 14:38:52.0171 1652 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys 14:38:52.0186 1652 1394ohci - ok 14:38:52.0233 1652 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys 14:38:52.0249 1652 ACPI - ok 14:38:52.0280 1652 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys 14:38:52.0295 1652 AcpiPmi - ok 14:38:52.0483 1652 [ 76D5A3D2A50402A0B9B6ED13C4371E79 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 14:38:52.0498 1652 AdobeFlashPlayerUpdateSvc - ok 14:38:52.0545 1652 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys 14:38:52.0561 1652 adp94xx - ok 14:38:52.0607 1652 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys 14:38:52.0607 1652 adpahci - ok 14:38:52.0623 1652 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys 14:38:52.0639 1652 adpu320 - ok 14:38:52.0685 1652 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll 14:38:52.0685 1652 AeLookupSvc - ok 14:38:52.0795 1652 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys 14:38:52.0810 1652 AFD - ok 14:38:52.0857 1652 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys 14:38:52.0857 1652 agp440 - ok 14:38:52.0919 1652 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe 14:38:52.0919 1652 ALG - ok 14:38:52.0935 1652 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys 14:38:52.0935 1652 aliide - ok 14:38:52.0997 1652 [ A8B81D750556FB9A9266EC65BFAB63AF ] AMD External Events Utility C:\windows\system32\atiesrxx.exe 14:38:53.0013 1652 AMD External Events Utility - ok 14:38:53.0029 1652 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys 14:38:53.0029 1652 amdide - ok 14:38:53.0060 1652 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys 14:38:53.0060 1652 AmdK8 - ok 14:38:53.0356 1652 [ 7A1AC757F3A2A3126A806B7319CAB21B ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys 14:38:53.0590 1652 amdkmdag - ok 14:38:53.0684 1652 [ EEF6F806EEDFD1C746071F1FD684870E ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys 14:38:53.0699 1652 amdkmdap - ok 14:38:53.0715 1652 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys 14:38:53.0731 1652 AmdPPM - ok 14:38:53.0746 1652 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys 14:38:53.0762 1652 amdsata - ok 14:38:53.0793 1652 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys 14:38:53.0809 1652 amdsbs - ok 14:38:53.0824 1652 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys 14:38:53.0824 1652 amdxata - ok 14:38:53.0855 1652 [ CAEE7C1AFC9F1C9EE8DD11ACD18D22E7 ] amd_sata C:\windows\system32\DRIVERS\amd_sata.sys 14:38:53.0855 1652 amd_sata - ok 14:38:53.0933 1652 [ 23726116B4FBCC84FC45B95157C08F5F ] amd_xata C:\windows\system32\DRIVERS\amd_xata.sys 14:38:53.0933 1652 amd_xata - ok 14:38:53.0980 1652 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys 14:38:53.0980 1652 AppID - ok 14:38:54.0027 1652 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll 14:38:54.0027 1652 AppIDSvc - ok 14:38:54.0058 1652 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll 14:38:54.0058 1652 Appinfo - ok 14:38:54.0199 1652 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 14:38:54.0214 1652 Apple Mobile Device - ok 14:38:54.0277 1652 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys 14:38:54.0277 1652 arc - ok 14:38:54.0292 1652 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys 14:38:54.0308 1652 arcsas - ok 14:38:54.0323 1652 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys 14:38:54.0323 1652 AsyncMac - ok 14:38:54.0339 1652 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys 14:38:54.0355 1652 atapi - ok 14:38:54.0417 1652 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll 14:38:54.0433 1652 AudioEndpointBuilder - ok 14:38:54.0448 1652 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll 14:38:54.0464 1652 AudioSrv - ok 14:38:54.0495 1652 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll 14:38:54.0495 1652 AxInstSV - ok 14:38:54.0542 1652 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys 14:38:54.0557 1652 b06bdrv - ok 14:38:54.0604 1652 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys 14:38:54.0604 1652 b57nd60a - ok 14:38:54.0760 1652 [ 47480F4260DAE9AA589BCAF924B3767A ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe 14:38:54.0776 1652 BBSvc - ok 14:38:54.0791 1652 [ 6BF743CBF3BCD09DAB79245E60E1AE62 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe 14:38:54.0807 1652 BBUpdate - ok 14:38:54.0823 1652 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll 14:38:54.0838 1652 BDESVC - ok 14:38:54.0901 1652 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys 14:38:54.0901 1652 Beep - ok 14:38:54.0947 1652 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll 14:38:54.0963 1652 BFE - ok 14:38:55.0181 1652 [ 1D757A7E020C577C4259A755F21B7152 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20111223.001\BHDrvx64.sys 14:38:55.0213 1652 BHDrvx64 - ok 14:38:55.0275 1652 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll 14:38:55.0306 1652 BITS - ok 14:38:55.0384 1652 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys 14:38:55.0400 1652 blbdrive - ok 14:38:55.0462 1652 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 14:38:55.0478 1652 Bonjour Service - ok 14:38:55.0556 1652 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys 14:38:55.0556 1652 bowser - ok 14:38:55.0587 1652 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys 14:38:55.0587 1652 BrFiltLo - ok 14:38:55.0618 1652 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys 14:38:55.0618 1652 BrFiltUp - ok 14:38:55.0649 1652 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys 14:38:55.0665 1652 BridgeMP - ok 14:38:55.0696 1652 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\windows\System32\browser.dll 14:38:55.0696 1652 Browser - ok 14:38:55.0743 1652 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys 14:38:55.0759 1652 Brserid - ok 14:38:55.0774 1652 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys 14:38:55.0774 1652 BrSerWdm - ok 14:38:55.0790 1652 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys 14:38:55.0790 1652 BrUsbMdm - ok 14:38:55.0805 1652 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys 14:38:55.0805 1652 BrUsbSer - ok 14:38:55.0821 1652 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys 14:38:55.0821 1652 BTHMODEM - ok 14:38:55.0852 1652 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll 14:38:55.0868 1652 bthserv - ok 14:38:55.0930 1652 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys 14:38:55.0930 1652 cdfs - ok 14:38:55.0946 1652 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys 14:38:55.0961 1652 cdrom - ok 14:38:55.0993 1652 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll 14:38:55.0993 1652 CertPropSvc - ok 14:38:56.0024 1652 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys 14:38:56.0024 1652 circlass - ok 14:38:56.0086 1652 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys 14:38:56.0086 1652 CLFS - ok 14:38:56.0164 1652 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 14:38:56.0180 1652 clr_optimization_v2.0.50727_32 - ok 14:38:56.0258 1652 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 14:38:56.0258 1652 clr_optimization_v2.0.50727_64 - ok 14:38:56.0320 1652 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 14:38:56.0523 1652 clr_optimization_v4.0.30319_32 - ok 14:38:56.0710 1652 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 14:38:56.0741 1652 clr_optimization_v4.0.30319_64 - ok 14:38:56.0851 1652 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys 14:38:56.0851 1652 CmBatt - ok 14:38:56.0897 1652 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys 14:38:56.0897 1652 cmdide - ok 14:38:56.0975 1652 [ C4943B6C962E4B82197542447AD599F4 ] CNG C:\windows\system32\Drivers\cng.sys 14:38:56.0991 1652 CNG - ok 14:38:57.0241 1652 [ 99B1B888B793DE320C5479B3C953781F ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys 14:38:57.0256 1652 CnxtHdAudService - ok 14:38:57.0365 1652 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys 14:38:57.0365 1652 Compbatt - ok 14:38:57.0397 1652 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys 14:38:57.0412 1652 CompositeBus - ok 14:38:57.0412 1652 COMSysApp - ok 14:38:57.0443 1652 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys 14:38:57.0459 1652 crcdisk - ok 14:38:57.0521 1652 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\windows\system32\cryptsvc.dll 14:38:57.0521 1652 CryptSvc - ok 14:38:57.0615 1652 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll 14:38:57.0631 1652 DcomLaunch - ok 14:38:57.0693 1652 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll 14:38:57.0709 1652 defragsvc - ok 14:38:57.0771 1652 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys 14:38:57.0787 1652 DfsC - ok 14:38:57.0880 1652 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll 14:38:57.0896 1652 Dhcp - ok 14:38:58.0005 1652 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys 14:38:58.0005 1652 discache - ok 14:38:58.0036 1652 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys 14:38:58.0036 1652 Disk - ok 14:38:58.0114 1652 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll 14:38:58.0114 1652 Dnscache - ok 14:38:58.0208 1652 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll 14:38:58.0223 1652 dot3svc - ok 14:38:58.0270 1652 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll 14:38:58.0270 1652 DPS - ok 14:38:58.0348 1652 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys 14:38:58.0348 1652 drmkaud - ok 14:38:58.0411 1652 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys 14:38:58.0426 1652 DXGKrnl - ok 14:38:58.0535 1652 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll 14:38:58.0535 1652 EapHost - ok 14:38:59.0003 1652 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys 14:38:59.0128 1652 ebdrv - ok 14:38:59.0269 1652 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 14:38:59.0284 1652 eeCtrl - ok 14:38:59.0347 1652 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe 14:38:59.0347 1652 EFS - ok 14:38:59.0534 1652 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe 14:38:59.0581 1652 ehRecvr - ok 14:38:59.0643 1652 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe 14:38:59.0643 1652 ehSched - ok 14:38:59.0846 1652 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys 14:38:59.0861 1652 elxstor - ok 14:38:59.0939 1652 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 14:38:59.0955 1652 EraserUtilRebootDrv - ok 14:38:59.0986 1652 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys 14:39:00.0002 1652 ErrDev - ok 14:39:00.0080 1652 [ 5D82D501D2FEE413B1F45F0302B5802C ] ETD C:\windows\system32\DRIVERS\ETD.sys 14:39:00.0080 1652 ETD - ok 14:39:00.0251 1652 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll 14:39:00.0267 1652 EventSystem - ok 14:39:00.0376 1652 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys 14:39:00.0392 1652 exfat - ok 14:39:00.0470 1652 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys 14:39:00.0485 1652 fastfat - ok 14:39:00.0657 1652 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe 14:39:00.0719 1652 Fax - ok 14:39:00.0751 1652 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys 14:39:00.0751 1652 fdc - ok 14:39:00.0797 1652 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll 14:39:00.0813 1652 fdPHost - ok 14:39:00.0860 1652 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll 14:39:00.0860 1652 FDResPub - ok 14:39:00.0953 1652 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys 14:39:00.0953 1652 FileInfo - ok 14:39:00.0985 1652 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys 14:39:00.0985 1652 Filetrace - ok 14:39:04.0916 1652 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys 14:39:04.0916 1652 flpydisk - ok 14:39:32.0918 1652 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys 14:39:37.0052 1652 FltMgr - ok 14:43:31.0848 1652 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll 14:43:31.0910 1652 FontCache - ok 14:45:32.0717 1652 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:46:21.0093 1652 FontCache3.0.0.0 - ok 14:47:09.0624 1652 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys 14:47:09.0640 1652 FsDepends - ok 14:47:58.0359 1652 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys 14:47:58.0374 1652 Fs_Rec - ok 14:48:46.0859 1652 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys 14:49:11.0008 1652 fvevol - ok 14:50:47.0962 1652 [ 60ACB128E64C35C2B4E4AAB1B0A5C293 ] FwLnk C:\windows\system32\DRIVERS\FwLnk.sys 14:50:47.0962 1652 FwLnk - ok 14:51:36.0432 1652 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys 14:52:00.0643 1652 gagp30kx - ok 14:54:25.0941 1652 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys 14:54:25.0941 1652 GEARAspiWDM - ok 14:57:15.0186 1652 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll 14:57:39.0366 1652 gpsvc - ok 15:02:02.0492 1652 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -End TDSS log- Then I saw your post and ran FRST64. Here's the log: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2013 Ran by SYSTEM at 28-02-2013 18:42:19 Running from F:\ Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) The current controlset is ControlSet002 ==================== Registry (Whitelisted) =================== Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 ==================== Services (Whitelisted) =================== 4 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [398184 2012-12-14] (Malwarebytes Corporation) 4 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [682344 2012-12-14] (Malwarebytes Corporation) 2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll" /prefetch:1 [262584 2011-03-31] (Symantec Corporation) 4 Norton PC Checkup Application Launcher; C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe /s [132056 2012-11-15] (Symantec Corporation) 2 PCCUJobMgr; "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe" /s "PCCUJobMgr" /m "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\diMaster.dll" /prefetch:1 [132984 2011-02-03] (Symantec Corporation) 2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x] 2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x] 2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x] ==================== Drivers (Whitelisted) ===================== 1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20111223.001\BHDrvx64.sys [1157240 2011-11-30] (Symantec Corporation) 1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-15] (Symantec Corporation) 3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-15] (Symantec Corporation) 1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120120.002\IDSvia64.sys [488568 2011-12-23] (Symantec Corporation) 3 mbamchameleon; C:\Windows\System32\Drivers\mbamchameleon.sys [36680 2013-02-28] () 3 MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation) 3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120122.004\ENG64.SYS [117880 2012-01-12] (Symantec Corporation) 3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120122.004\EX64.SYS [2048632 2012-01-12] (Symantec Corporation) 3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation) 1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation) 0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-26] (Symantec Corporation) 0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation) 3 SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-12-25] (Symantec Corporation) 1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-26] (Symantec Corporation) 1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation) ==================== NetSvcs (Whitelisted) ==================== ==================== One Month Created Files and Folders ======== 2013-02-28 18:42 - 2013-02-28 18:42 - 00000000 ____D C:\FRST 2013-02-28 16:03 - 2013-02-28 16:03 - 00019523 ____A C:\Users\Mesha Lynn\Documents\TDSS2.txt 2013-02-28 16:02 - 2013-02-28 16:02 - 00019523 ____A C:\Users\Mesha Lynn\Desktop\TDSSnrmal.txt 2013-02-28 03:30 - 2013-02-28 03:30 - 00036680 ____A C:\Windows\System32\Drivers\mbamchameleon.sys 2013-02-27 19:37 - 2013-02-27 19:37 - 334597421 ____A C:\Windows\MEMORY.DMP 2013-02-27 19:37 - 2013-02-27 19:37 - 00544544 ____A C:\Windows\Minidump\022713-36426-01.dmp 2013-02-27 11:19 - 2013-02-27 11:19 - 00958368 ____A (Bleeping Computer, LLC) C:\Users\Mesha Lynn\Downloads\rkill (1)64.com 2013-02-26 19:24 - 2013-02-26 19:24 - 00066449 ____A C:\Users\Mesha Lynn\Desktop\TDDS report.txt 2013-02-26 18:13 - 2013-02-26 18:13 - 00007605 ____A C:\Users\Mesha Lynn\AppData\Local\Resmon.ResmonCfg 2013-02-26 15:25 - 2013-02-26 15:25 - 00208216 ____A (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\46718093.sys 2013-02-26 14:07 - 2013-02-28 03:17 - 00000560 ____A C:\Windows\setupact.log 2013-02-26 14:07 - 2013-02-26 14:07 - 00000000 ____A C:\Windows\setuperr.log 2013-02-25 16:13 - 2013-02-25 16:14 - 00002681 ____A C:\Users\Mesha Lynn\Desktop\RKreport[1]_S_02252013_02d1613.txt 2013-02-25 16:08 - 2013-02-25 16:13 - 00000000 ____D C:\Users\Mesha Lynn\Desktop\RK_Quarantine 2013-02-25 16:07 - 2013-02-25 16:07 - 00816640 ____A C:\Users\Mesha Lynn\Downloads\RogueKiller.exe 2013-02-25 16:05 - 2013-02-28 16:07 - 00000948 ____A C:\Users\Mesha Lynn\Desktop\Rkill.txt 2013-02-25 16:05 - 2013-02-25 16:05 - 01752992 ____A (Bleeping Computer, LLC) C:\Users\Mesha Lynn\Downloads\rkill (1).com 2013-02-24 17:04 - 2013-02-24 17:04 - 00688992 ____R (Swearware) C:\Users\Mesha Lynn\Downloads\dds.com 2013-02-23 21:17 - 2013-02-27 04:29 - 00007687 ____A C:\Windows\WindowsUpdate.log 2013-02-23 17:49 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe 2013-02-23 17:49 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe 2013-02-23 17:49 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe 2013-02-23 17:49 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe 2013-02-23 17:49 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe 2013-02-23 17:49 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe 2013-02-23 17:49 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe 2013-02-23 17:49 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe 2013-02-23 14:16 - 2013-02-23 14:16 - 00000000 ____D C:\Users\Mesha Lynn\Documents\ProcAlyzer Dumps 2013-02-23 13:36 - 2013-02-23 18:10 - 00000000 ____D C:\Qoobox 2013-02-23 13:34 - 2013-02-23 13:35 - 05034320 ____R (Swearware) C:\Users\Mesha Lynn\Downloads\ComboFix.exe 2013-02-23 08:31 - 2013-02-23 08:31 - 00000000 ____D C:\Users\Mesha Lynn\Downloads\mbar-1.01.0.1020 2013-02-23 08:29 - 2013-02-23 08:31 - 13711621 ____A C:\Users\Mesha Lynn\Downloads\mbar-1.01.0.1020.zip 2013-02-22 01:47 - 2013-02-22 01:48 - 00479869 ____A (Trend Micro Inc.) C:\Users\Mesha Lynn\Downloads\HousecallLauncher (1).exe 2013-02-22 01:27 - 2013-02-22 01:28 - 00000000 ____D C:\Program Files (x86)\Safer Networking 2013-02-21 19:32 - 2013-02-21 19:33 - 07966432 ____A (Safer Networking Limited ) C:\Users\Mesha Lynn\Downloads\runalyz-1.6.1.24.exe 2013-02-21 19:32 - 2013-02-21 19:32 - 01339719 ____A C:\Users\Mesha Lynn\Downloads\rootalyz-0.3.4.47.zip 2013-02-21 19:32 - 2013-02-21 19:32 - 00000000 ____D C:\Users\Mesha Lynn\Downloads\rootalyz-0.3.4.47 2013-02-21 19:31 - 2013-02-21 19:31 - 01752632 ____A (Safer-Networking Ltd. ) C:\Users\Mesha Lynn\Downloads\regalyz-1.6.2.16.exe 2013-02-21 18:11 - 2013-02-28 16:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-02-21 18:11 - 2013-02-21 18:11 - 00001080 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-02-21 18:11 - 2013-02-21 18:11 - 00000000 ____D C:\Users\Mesha Lynn\AppData\Roaming\Malwarebytes 2013-02-21 18:11 - 2013-02-21 18:11 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-02-21 18:11 - 2012-12-14 16:49 - 00024176 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2013-02-21 18:08 - 2013-02-21 18:08 - 00000833 ____A C:\Users\Public\Desktop\CCleaner.lnk 2013-02-21 18:08 - 2013-02-21 18:08 - 00000000 ____D C:\Program Files\CCleaner 2013-02-21 18:03 - 2013-02-21 16:19 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Mesha Lynn\Desktop\mbam-setup-1.70.0.1100.exe 2013-02-21 18:03 - 2013-02-21 16:18 - 04189792 ____A (Piriform Ltd) C:\Users\Mesha Lynn\Desktop\ccsetup327.exe 2013-02-21 15:58 - 2013-02-21 15:58 - 00001235 ____A C:\Users\Mesha Lynn\Desktop\Revo Uninstaller.lnk 2013-02-21 15:57 - 2013-02-21 15:57 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2013-02-21 01:20 - 2013-02-23 13:35 - 00000000 ____D C:\Windows\erdnt 2013-02-21 01:19 - 2013-02-21 01:05 - 04732416 ____A (AVAST Software) C:\Users\Mesha Lynn\Desktop\aswMBR.exe 2013-02-21 01:19 - 2013-02-21 01:02 - 00881935 ____A C:\Users\Mesha Lynn\Desktop\SecurityCheck.exe 2013-02-20 23:02 - 2013-02-20 23:02 - 00000164 ____A C:\Windows\wininit.ini 2013-02-20 21:18 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\System32\Drivers\etc\hosts.20130220-211821.backup 2013-02-20 21:08 - 2013-02-23 14:16 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2013-02-20 21:00 - 2013-02-20 21:03 - 55454464 ____A (Safer-Networking Ltd. ) C:\Users\Mesha Lynn\Downloads\SpybotSD2.exe 2013-02-20 20:16 - 2013-02-21 20:53 - 00000446 ____A C:\Windows\Tasks\PC Checkup 3 Weekly Scan.job 2013-02-13 08:53 - 2013-02-13 08:53 - 00000000 ____D C:\Users\Mesha Lynn\AppData\Local\Symantec 2013-02-08 21:32 - 2013-02-08 21:32 - 00000231 ____A C:\Users\Public\Desktop\More Great Games.url ==================== One Month Modified Files and Folders ======= 2013-02-28 16:07 - 2013-02-25 16:05 - 00000948 ____A C:\Users\Mesha Lynn\Desktop\Rkill.txt 2013-02-28 16:07 - 2013-02-21 18:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-02-28 16:03 - 2013-02-28 16:03 - 00019523 ____A C:\Users\Mesha Lynn\Documents\TDSS2.txt 2013-02-28 16:02 - 2013-02-28 16:02 - 00019523 ____A C:\Users\Mesha Lynn\Desktop\TDSSnrmal.txt 2013-02-28 15:53 - 2009-07-13 20:45 - 00024608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-02-28 15:52 - 2009-07-13 20:45 - 00024608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-02-28 13:38 - 2012-02-25 14:59 - 00000000 ____D C:\Users\Mesha Lynn\AppData\Local\Tific 2013-02-28 13:38 - 2011-12-25 09:01 - 00000000 ____D C:\Users\Mesha Lynn\AppData\Roaming\Tific 2013-02-28 03:30 - 2013-02-28 03:30 - 00036680 ____A C:\Windows\System32\Drivers\mbamchameleon.sys 2013-02-28 03:17 - 2013-02-26 14:07 - 00000560 ____A C:\Windows\setupact.log 2013-02-28 03:17 - 2011-12-07 12:44 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-02-28 03:17 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-02-28 03:13 - 2011-12-07 12:44 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-02-27 21:01 - 2012-11-15 00:54 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-02-27 19:37 - 2013-02-27 19:37 - 334597421 ____A C:\Windows\MEMORY.DMP 2013-02-27 19:37 - 2013-02-27 19:37 - 00544544 ____A C:\Windows\Minidump\022713-36426-01.dmp 2013-02-27 19:37 - 2012-07-30 20:52 - 00000000 ____D C:\Windows\Minidump 2013-02-27 11:19 - 2013-02-27 11:19 - 00958368 ____A (Bleeping Computer, LLC) C:\Users\Mesha Lynn\Downloads\rkill (1)64.com 2013-02-27 04:29 - 2013-02-23 21:17 - 00007687 ____A C:\Windows\WindowsUpdate.log 2013-02-26 19:26 - 2009-07-13 21:13 - 00005152 ____A C:\Windows\System32\PerfStringBackup.INI 2013-02-26 19:24 - 2013-02-26 19:24 - 00066449 ____A C:\Users\Mesha Lynn\Desktop\TDDS report.txt 2013-02-26 18:13 - 2013-02-26 18:13 - 00007605 ____A C:\Users\Mesha Lynn\AppData\Local\Resmon.ResmonCfg 2013-02-26 15:25 - 2013-02-26 15:25 - 00208216 ____A (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\46718093.sys 2013-02-26 14:07 - 2013-02-26 14:07 - 00000000 ____A C:\Windows\setuperr.log 2013-02-25 16:14 - 2013-02-25 16:13 - 00002681 ____A C:\Users\Mesha Lynn\Desktop\RKreport[1]_S_02252013_02d1613.txt 2013-02-25 16:13 - 2013-02-25 16:08 - 00000000 ____D C:\Users\Mesha Lynn\Desktop\RK_Quarantine 2013-02-25 16:07 - 2013-02-25 16:07 - 00816640 ____A C:\Users\Mesha Lynn\Downloads\RogueKiller.exe 2013-02-25 16:05 - 2013-02-25 16:05 - 01752992 ____A (Bleeping Computer, LLC) C:\Users\Mesha Lynn\Downloads\rkill (1).com 2013-02-24 17:04 - 2013-02-24 17:04 - 00688992 ____R (Swearware) C:\Users\Mesha Lynn\Downloads\dds.com 2013-02-23 18:10 - 2013-02-23 13:36 - 00000000 ____D C:\Qoobox 2013-02-23 18:04 - 2009-07-13 18:34 - 00000215 ____A C:\Windows\system.ini 2013-02-23 14:16 - 2013-02-23 14:16 - 00000000 ____D C:\Users\Mesha Lynn\Documents\ProcAlyzer Dumps 2013-02-23 14:16 - 2013-02-20 21:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2013-02-23 13:35 - 2013-02-23 13:34 - 05034320 ____R (Swearware) C:\Users\Mesha Lynn\Downloads\ComboFix.exe 2013-02-23 13:35 - 2013-02-21 01:20 - 00000000 ____D C:\Windows\erdnt 2013-02-23 08:31 - 2013-02-23 08:31 - 00000000 ____D C:\Users\Mesha Lynn\Downloads\mbar-1.01.0.1020 2013-02-23 08:31 - 2013-02-23 08:29 - 13711621 ____A C:\Users\Mesha Lynn\Downloads\mbar-1.01.0.1020.zip 2013-02-22 01:48 - 2013-02-22 01:47 - 00479869 ____A (Trend Micro Inc.) C:\Users\Mesha Lynn\Downloads\HousecallLauncher (1).exe 2013-02-22 01:28 - 2013-02-22 01:27 - 00000000 ____D C:\Program Files (x86)\Safer Networking 2013-02-21 20:53 - 2013-02-20 20:16 - 00000446 ____A C:\Windows\Tasks\PC Checkup 3 Weekly Scan.job 2013-02-21 19:33 - 2013-02-21 19:32 - 07966432 ____A (Safer Networking Limited ) C:\Users\Mesha Lynn\Downloads\runalyz-1.6.1.24.exe 2013-02-21 19:32 - 2013-02-21 19:32 - 01339719 ____A C:\Users\Mesha Lynn\Downloads\rootalyz-0.3.4.47.zip 2013-02-21 19:32 - 2013-02-21 19:32 - 00000000 ____D C:\Users\Mesha Lynn\Downloads\rootalyz-0.3.4.47 2013-02-21 19:31 - 2013-02-21 19:31 - 01752632 ____A (Safer-Networking Ltd. ) C:\Users\Mesha Lynn\Downloads\regalyz-1.6.2.16.exe 2013-02-21 19:08 - 2011-12-25 08:32 - 00000000 ____D C:\users\Mesha Lynn 2013-02-21 18:22 - 2011-12-07 12:43 - 00000000 ____D C:\Program Files\Google 2013-02-21 18:22 - 2011-12-07 12:43 - 00000000 ____D C:\Program Files (x86)\Google 2013-02-21 18:11 - 2013-02-21 18:11 - 00001080 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-02-21 18:11 - 2013-02-21 18:11 - 00000000 ____D C:\Users\Mesha Lynn\AppData\Roaming\Malwarebytes 2013-02-21 18:11 - 2013-02-21 18:11 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-02-21 18:09 - 2011-12-26 16:53 - 00000000 ____D C:\Users\Mesha Lynn\AppData\Roaming\Skype 2013-02-21 18:08 - 2013-02-21 18:08 - 00000833 ____A C:\Users\Public\Desktop\CCleaner.lnk 2013-02-21 18:08 - 2013-02-21 18:08 - 00000000 ____D C:\Program Files\CCleaner 2013-02-21 18:02 - 2012-11-15 00:51 - 00000000 ____D C:\Program Files (x86)\Yahoo! 2013-02-21 17:51 - 2011-12-25 08:44 - 00000000 ____D C:\Users\Mesha Lynn\AppData\Local\Google 2013-02-21 17:49 - 2012-08-31 13:14 - 00000000 ____D C:\Users\Mesha Lynn\AppData\Local\Unity 2013-02-21 17:44 - 2012-12-11 17:21 - 00000000 ____D C:\ProgramData\ParetoLogic 2013-02-21 17:30 - 2011-03-29 18:48 - 00000000 ____D C:\Program Files (x86)\Java 2013-02-21 16:19 - 2013-02-21 18:03 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Mesha Lynn\Desktop\mbam-setup-1.70.0.1100.exe 2013-02-21 16:18 - 2013-02-21 18:03 - 04189792 ____A (Piriform Ltd) C:\Users\Mesha Lynn\Desktop\ccsetup327.exe 2013-02-21 15:58 - 2013-02-21 15:58 - 00001235 ____A C:\Users\Mesha Lynn\Desktop\Revo Uninstaller.lnk 2013-02-21 15:57 - 2013-02-21 15:57 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2013-02-21 01:50 - 2009-07-13 19:20 - 00000000 __RHD C:\users\Default 2013-02-21 01:12 - 2009-07-13 18:34 - 00445760 ___RA C:\Windows\System32\Drivers\etc\hosts.20130223-165830.backup 2013-02-21 01:05 - 2013-02-21 01:19 - 04732416 ____A (AVAST Software) C:\Users\Mesha Lynn\Desktop\aswMBR.exe 2013-02-21 01:02 - 2013-02-21 01:19 - 00881935 ____A C:\Users\Mesha Lynn\Desktop\SecurityCheck.exe 2013-02-20 23:02 - 2013-02-20 23:02 - 00000164 ____A C:\Windows\wininit.ini 2013-02-20 21:18 - 2009-07-13 18:34 - 00445760 ___RA C:\Windows\System32\Drivers\etc\hosts.20130221-011207.backup 2013-02-20 21:03 - 2013-02-20 21:00 - 55454464 ____A (Safer-Networking Ltd. ) C:\Users\Mesha Lynn\Downloads\SpybotSD2.exe 2013-02-20 20:21 - 2012-02-07 05:10 - 00000000 ____D C:\Users\Mesha Lynn\AppData\Roaming\MusicNet 2013-02-20 20:21 - 2011-12-28 22:04 - 00000000 ____D C:\Users\Mesha Lynn\AppData\Local\CrashDumps 2013-02-20 20:21 - 2011-03-29 19:11 - 00000000 ____D C:\Windows\Panther 2013-02-20 19:15 - 2012-12-11 17:20 - 00000000 ____D C:\Users\Mesha Lynn\AppData\Local\PC MightyMax 2012 2013-02-17 21:08 - 2012-11-25 04:28 - 00000000 ____D C:\Program Files (x86)\PC Checkup 2013-02-17 21:08 - 2012-03-02 19:28 - 00000000 ____D C:\users\Guest 2013-02-17 21:08 - 2011-12-26 16:53 - 00000000 ____D C:\ProgramData\Skype 2013-02-17 21:08 - 2011-12-07 12:33 - 00000000 ____D C:\ProgramData\Norton 2013-02-17 21:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration 2013-02-13 08:53 - 2013-02-13 08:53 - 00000000 ____D C:\Users\Mesha Lynn\AppData\Local\Symantec 2013-02-08 21:32 - 2013-02-08 21:32 - 00000231 ____A C:\Users\Public\Desktop\More Great Games.url 2013-02-08 21:26 - 2012-01-10 22:53 - 00000000 ____D C:\ProgramData\Big Fish Games ==================== Known DLLs (Whitelisted) ================= ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2012-12-08 03:30:02 Restore point made on: 2012-12-11 13:57:32 Restore point made on: 2012-12-26 20:27:23 Restore point made on: 2013-01-06 14:30:38 Restore point made on: 2013-01-17 10:44:37 Restore point made on: 2013-01-30 06:46:26 Restore point made on: 2013-02-06 12:18:35 ==================== Memory info =========================== Percentage of memory in use: 18% Total physical RAM: 2662.87 MB Available physical RAM: 2170.86 MB Total Pagefile: 2661.07 MB Available Pagefile: 2154.89 MB Total Virtual: 8192 MB Available Virtual: 8191.9 MB ==================== Partitions ============================= 1 Drive c: (TI106147W0C) (Fixed) (Total:285.29 GB) (Free:195.36 GB) NTFS ==>[system with boot components (obtained from reading drive)] 2 Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.27 GB) NTFS ==>[system with boot components (obtained from reading drive)] 4 Drive f: (SAINTS-S3CE) (Removable) (Total:1.79 GB) (Free:0.91 GB) FAT32 5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 298 GB 0 B Disk 1 Online 1840 MB 0 B Partitions of Disk 0: =============== Disk ID: 2B538AD9 Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Recovery 1500 MB 1024 KB Partition 2 Primary 285 GB 1501 MB Partition 3 Primary 11 GB 286 GB ================================================================================== Disk: 0 Partition 1 Type : 27 Hidden: Yes Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 D System NTFS Partition 1500 MB Healthy Hidden ========================================================= Disk: 0 Partition 2 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 1 C TI106147W0C NTFS Partition 285 GB Healthy ========================================================= Disk: 0 Partition 3 Type : 17 (Suspicious Type) Hidden: Yes Active: No There is no volume associated with this partition. ========================================================= Partitions of Disk 1: =============== Disk ID: 00000001 Partition ### Type Size Offset ------------- ---------------- ------- ------- * Partition 1 Primary 1840 MB 0 B ================================================================================== Disk: 1 There is no partition selected. There is no partition selected. Please select a partition and try again. ========================================================= Last Boot: 2013-02-06 12:18 ==================== End Of Log =============================
  3. I am having severe difficulty trying to run anything in Normal Mode. It's as if everything is timed-out in the first ten seconds, and after that nothing responds (or it tries to, but times-out again, in continuum). Any ideas?
  4. <p> </p> 19:20:33.0919 1588 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 19:20:34.0450 1588 ============================================================ 19:20:34.0465 1588 Current date / time: 2013/02/26 19:20:34.0450 19:20:34.0465 1588 SystemInfo: 19:20:34.0465 1588 19:20:34.0465 1588 OS Version: 6.1.7601 ServicePack: 1.0 19:20:34.0465 1588 Product type: Workstation 19:20:34.0465 1588 ComputerName: MESHALYNN-PC 19:20:34.0465 1588 UserName: Mesha Lynn 19:20:34.0465 1588 Windows directory: C:\windows 19:20:34.0465 1588 System windows directory: C:\windows 19:20:34.0465 1588 Running under WOW64 19:20:34.0465 1588 Processor architecture: Intel x64 19:20:34.0465 1588 Number of processors: 2 19:20:34.0465 1588 Page size: 0x1000 19:20:34.0465 1588 Boot type: Safe boot with network 19:20:34.0465 1588 ============================================================ 19:20:36.0135 1588 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:20:36.0135 1588 ============================================================ 19:20:36.0135 1588 \Device\Harddisk0\DR0: 19:20:36.0135 1588 MBR partitions: 19:20:36.0135 1588 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x23A94800 19:20:36.0135 1588 ============================================================ 19:20:36.0181 1588 C: <-> \Device\Harddisk0\DR0\Partition1 19:20:36.0181 1588 ============================================================ 19:20:36.0181 1588 Initialize success 19:20:36.0181 1588 ============================================================ 19:21:49.0221 1904 ============================================================ 19:21:49.0221 1904 Scan started 19:21:49.0221 1904 Mode: Manual; 19:21:49.0221 1904 ============================================================ 19:21:49.0813 1904 ================ Scan system memory ======================== 19:21:49.0813 1904 System memory - ok 19:21:49.0813 1904 ================ Scan services ============================= 19:21:50.0032 1904 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys 19:21:50.0032 1904 1394ohci - ok 19:21:50.0125 1904 [ F146E2BA475893DD77B2370DC1211FC6 ] 82424991 C:\windows\system32\drivers\46718093.sys 19:21:50.0141 1904 82424991 - ok 19:21:50.0172 1904 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys 19:21:50.0188 1904 ACPI - ok 19:21:50.0219 1904 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys 19:21:50.0235 1904 AcpiPmi - ok 19:21:50.0422 1904 [ 76D5A3D2A50402A0B9B6ED13C4371E79 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 19:21:50.0422 1904 AdobeFlashPlayerUpdateSvc - ok 19:21:50.0484 1904 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys 19:21:50.0500 1904 adp94xx - ok 19:21:50.0562 1904 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys 19:21:50.0562 1904 adpahci - ok 19:21:50.0578 1904 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys 19:21:50.0593 1904 adpu320 - ok 19:21:50.0640 1904 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll 19:21:50.0656 1904 AeLookupSvc - ok 19:21:50.0734 1904 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys 19:21:50.0734 1904 AFD - ok 19:21:50.0781 1904 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys 19:21:50.0781 1904 agp440 - ok 19:21:50.0859 1904 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe 19:21:50.0859 1904 ALG - ok 19:21:50.0890 1904 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys 19:21:50.0890 1904 aliide - ok 19:21:50.0937 1904 [ A8B81D750556FB9A9266EC65BFAB63AF ] AMD External Events Utility C:\windows\system32\atiesrxx.exe 19:21:50.0937 1904 AMD External Events Utility - ok 19:21:50.0968 1904 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys 19:21:50.0968 1904 amdide - ok 19:21:51.0015 1904 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys 19:21:51.0015 1904 AmdK8 - ok 19:21:51.0264 1904 [ 7A1AC757F3A2A3126A806B7319CAB21B ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys 19:21:51.0498 1904 amdkmdag - ok 19:21:51.0529 1904 [ EEF6F806EEDFD1C746071F1FD684870E ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys 19:21:51.0545 1904 amdkmdap - ok 19:21:51.0592 1904 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys 19:21:51.0592 1904 AmdPPM - ok 19:21:51.0639 1904 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys 19:21:51.0639 1904 amdsata - ok 19:21:51.0685 1904 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys 19:21:51.0685 1904 amdsbs - ok 19:21:51.0717 1904 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys 19:21:51.0717 1904 amdxata - ok 19:21:51.0763 1904 [ CAEE7C1AFC9F1C9EE8DD11ACD18D22E7 ] amd_sata C:\windows\system32\DRIVERS\amd_sata.sys 19:21:51.0763 1904 amd_sata - ok 19:21:51.0795 1904 [ 23726116B4FBCC84FC45B95157C08F5F ] amd_xata C:\windows\system32\DRIVERS\amd_xata.sys 19:21:51.0810 1904 amd_xata - ok 19:21:51.0904 1904 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys 19:21:51.0904 1904 AppID - ok 19:21:51.0935 1904 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll 19:21:51.0935 1904 AppIDSvc - ok 19:21:51.0951 1904 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll 19:21:51.0966 1904 Appinfo - ok 19:21:52.0107 1904 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 19:21:52.0107 1904 Apple Mobile Device - ok 19:21:52.0169 1904 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys 19:21:52.0169 1904 arc - ok 19:21:52.0185 1904 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys 19:21:52.0185 1904 arcsas - ok 19:21:52.0200 1904 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys 19:21:52.0216 1904 AsyncMac - ok 19:21:52.0216 1904 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys 19:21:52.0216 1904 atapi - ok 19:21:52.0341 1904 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll 19:21:52.0356 1904 AudioEndpointBuilder - ok 19:21:52.0387 1904 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll 19:21:52.0387 1904 AudioSrv - ok 19:21:52.0450 1904 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll 19:21:52.0450 1904 AxInstSV - ok 19:21:52.0512 1904 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys 19:21:52.0528 1904 b06bdrv - ok 19:21:52.0575 1904 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys 19:21:52.0575 1904 b57nd60a - ok 19:21:52.0731 1904 [ 47480F4260DAE9AA589BCAF924B3767A ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe 19:21:52.0731 1904 BBSvc - ok 19:21:52.0777 1904 [ 6BF743CBF3BCD09DAB79245E60E1AE62 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe 19:21:52.0793 1904 BBUpdate - ok 19:21:52.0824 1904 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll 19:21:52.0840 1904 BDESVC - ok 19:21:52.0902 1904 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys 19:21:52.0902 1904 Beep - ok 19:21:52.0965 1904 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll 19:21:52.0980 1904 BFE - ok 19:21:53.0167 1904 [ 1D757A7E020C577C4259A755F21B7152 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20111223.001\BHDrvx64.sys 19:21:53.0183 1904 BHDrvx64 - ok 19:21:53.0230 1904 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll 19:21:53.0401 1904 BITS - ok 19:21:53.0464 1904 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys 19:21:53.0464 1904 blbdrive - ok 19:21:53.0557 1904 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 19:21:53.0573 1904 Bonjour Service - ok 19:21:53.0620 1904 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys 19:21:53.0620 1904 bowser - ok 19:21:53.0667 1904 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys 19:21:53.0667 1904 BrFiltLo - ok 19:21:53.0698 1904 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys 19:21:53.0698 1904 BrFiltUp - ok 19:21:53.0745 1904 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys 19:21:53.0745 1904 BridgeMP - ok 19:21:53.0791 1904 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\windows\System32\browser.dll 19:21:53.0807 1904 Browser - ok 19:21:53.0823 1904 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys 19:21:53.0838 1904 Brserid - ok 19:21:53.0854 1904 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys 19:21:53.0854 1904 BrSerWdm - ok 19:21:53.0901 1904 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys 19:21:53.0901 1904 BrUsbMdm - ok 19:21:53.0916 1904 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys 19:21:53.0916 1904 BrUsbSer - ok 19:21:53.0932 1904 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys 19:21:53.0932 1904 BTHMODEM - ok 19:21:54.0010 1904 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll 19:21:54.0025 1904 bthserv - ok 19:21:54.0072 1904 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys 19:21:54.0072 1904 cdfs - ok 19:21:54.0135 1904 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys 19:21:54.0135 1904 cdrom - ok 19:21:54.0181 1904 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll 19:21:54.0181 1904 CertPropSvc - ok 19:21:54.0244 1904 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys 19:21:54.0244 1904 circlass - ok 19:21:54.0275 1904 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys 19:21:54.0275 1904 CLFS - ok 19:21:54.0369 1904 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 19:21:54.0369 1904 clr_optimization_v2.0.50727_32 - ok 19:21:54.0447 1904 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 19:21:54.0447 1904 clr_optimization_v2.0.50727_64 - ok 19:21:54.0525 1904 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 19:21:54.0525 1904 clr_optimization_v4.0.30319_32 - ok 19:21:54.0587 1904 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 19:21:54.0603 1904 clr_optimization_v4.0.30319_64 - ok 19:21:54.0665 1904 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys 19:21:54.0665 1904 CmBatt - ok 19:21:54.0696 1904 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys 19:21:54.0696 1904 cmdide - ok 19:21:54.0759 1904 [ C4943B6C962E4B82197542447AD599F4 ] CNG C:\windows\system32\Drivers\cng.sys 19:21:54.0759 1904 CNG - ok 19:21:54.0852 1904 [ 99B1B888B793DE320C5479B3C953781F ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys 19:21:54.0883 1904 CnxtHdAudService - ok 19:21:54.0946 1904 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys 19:21:54.0946 1904 Compbatt - ok 19:21:55.0008 1904 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys 19:21:55.0008 1904 CompositeBus - ok 19:21:55.0039 1904 COMSysApp - ok 19:21:55.0071 1904 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys 19:21:55.0071 1904 crcdisk - ok 19:21:55.0117 1904 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\windows\system32\cryptsvc.dll 19:21:55.0133 1904 CryptSvc - ok 19:21:55.0180 1904 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll 19:21:55.0195 1904 DcomLaunch - ok 19:21:55.0273 1904 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll 19:21:55.0273 1904 defragsvc - ok 19:21:55.0336 1904 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys 19:21:55.0336 1904 DfsC - ok 19:21:55.0383 1904 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll 19:21:55.0398 1904 Dhcp - ok 19:21:55.0461 1904 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys 19:21:55.0461 1904 discache - ok 19:21:55.0507 1904 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys 19:21:55.0507 1904 Disk - ok 19:21:55.0539 1904 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll 19:21:55.0554 1904 Dnscache - ok 19:21:55.0585 1904 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll 19:21:55.0601 1904 dot3svc - ok 19:21:55.0632 1904 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll 19:21:55.0632 1904 DPS - ok 19:21:55.0695 1904 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys 19:21:55.0695 1904 drmkaud - ok 19:21:55.0741 1904 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys 19:21:55.0757 1904 DXGKrnl - ok 19:21:55.0819 1904 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll 19:21:55.0819 1904 EapHost - ok 19:21:55.0960 1904 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys 19:21:56.0069 1904 ebdrv - ok 19:21:56.0147 1904 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 19:21:56.0163 1904 eeCtrl - ok 19:21:56.0194 1904 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe 19:21:56.0194 1904 EFS - ok 19:21:56.0256 1904 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe 19:21:56.0272 1904 ehRecvr - ok 19:21:56.0303 1904 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe 19:21:56.0303 1904 ehSched - ok 19:21:56.0397 1904 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys 19:21:56.0412 1904 elxstor - ok 19:21:56.0475 1904 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 19:21:56.0475 1904 EraserUtilRebootDrv - ok 19:21:56.0490 1904 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys 19:21:56.0490 1904 ErrDev - ok 19:21:56.0584 1904 [ 5D82D501D2FEE413B1F45F0302B5802C ] ETD C:\windows\system32\DRIVERS\ETD.sys 19:21:56.0584 1904 ETD - ok 19:21:56.0646 1904 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll 19:21:56.0646 1904 EventSystem - ok 19:21:56.0693 1904 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys 19:21:56.0693 1904 exfat - ok 19:21:56.0724 1904 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys 19:21:56.0740 1904 fastfat - ok 19:21:56.0787 1904 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe 19:21:56.0802 1904 Fax - ok 19:21:56.0833 1904 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys 19:21:56.0849 1904 fdc - ok 19:21:56.0896 1904 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll 19:21:56.0896 1904 fdPHost - ok 19:21:56.0943 1904 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll 19:21:56.0943 1904 FDResPub - ok 19:21:56.0989 1904 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys 19:21:56.0989 1904 FileInfo - ok 19:21:57.0005 1904 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys 19:21:57.0005 1904 Filetrace - ok 19:21:57.0067 1904 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys 19:21:57.0067 1904 flpydisk - ok 19:21:57.0099 1904 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys 19:21:57.0099 1904 FltMgr - ok 19:21:57.0161 1904 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll 19:21:57.0192 1904 FontCache - ok 19:21:57.0239 1904 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 19:21:57.0239 1904 FontCache3.0.0.0 - ok 19:21:57.0286 1904 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys 19:21:57.0286 1904 FsDepends - ok 19:21:57.0317 1904 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys 19:21:57.0317 1904 Fs_Rec - ok 19:21:57.0379 1904 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys 19:21:57.0379 1904 fvevol - ok 19:21:57.0457 1904 [ 60ACB128E64C35C2B4E4AAB1B0A5C293 ] FwLnk C:\windows\system32\DRIVERS\FwLnk.sys 19:21:57.0457 1904 FwLnk - ok 19:21:57.0551 1904 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys 19:21:57.0551 1904 gagp30kx - ok 19:21:57.0598 1904 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys 19:21:57.0598 1904 GEARAspiWDM - ok 19:21:57.0645 1904 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll 19:21:57.0660 1904 gpsvc - ok 19:21:57.0738 1904 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:21:57.0754 1904 gupdate - ok 19:21:57.0785 1904 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:21:57.0785 1904 gupdatem - ok 19:21:57.0832 1904 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys 19:21:57.0832 1904 hcw85cir - ok 19:21:57.0879 1904 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys 19:21:57.0894 1904 HdAudAddService - ok 19:21:57.0925 1904 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys 19:21:57.0925 1904 HDAudBus - ok 19:21:57.0941 1904 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys 19:21:57.0941 1904 HidBatt - ok 19:21:57.0957 1904 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys 19:21:57.0957 1904 HidBth - ok 19:21:57.0972 1904 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys 19:21:57.0972 1904 HidIr - ok 19:21:58.0035 1904 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll 19:21:58.0035 1904 hidserv - ok 19:21:58.0097 1904 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\drivers\hidusb.sys 19:21:58.0097 1904 HidUsb - ok 19:21:58.0144 1904 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll 19:21:58.0144 1904 hkmsvc - ok 19:21:58.0175 1904 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll 19:21:58.0175 1904 HomeGroupListener - ok 19:21:58.0222 1904 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll 19:21:58.0222 1904 HomeGroupProvider - ok 19:21:58.0253 1904 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys 19:21:58.0269 1904 HpSAMD - ok 19:21:58.0331 1904 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys 19:21:58.0331 1904 HTTP - ok 19:21:58.0362 1904 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys 19:21:58.0362 1904 hwpolicy - ok 19:21:58.0378 1904 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys 19:21:58.0378 1904 i8042prt - ok 19:21:58.0440 1904 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys 19:21:58.0456 1904 iaStorV - ok 19:21:58.0518 1904 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 19:21:58.0534 1904 idsvc - ok 19:21:58.0612 1904 [ 0B97F1A640AD3D159A7B5D2164C42E50 ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120120.002\IDSvia64.sys 19:21:58.0627 1904 IDSVia64 - ok 19:21:58.0690 1904 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys 19:21:58.0690 1904 iirsp - ok 19:21:58.0752 1904 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll 19:21:58.0768 1904 IKEEXT - ok 19:21:58.0783 1904 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys 19:21:58.0783 1904 intelide - ok 19:21:58.0815 1904 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\drivers\intelppm.sys 19:21:58.0830 1904 intelppm - ok 19:21:58.0861 1904 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll 19:21:58.0877 1904 IPBusEnum - ok 19:21:58.0893 1904 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys 19:21:58.0893 1904 IpFilterDriver - ok 19:21:58.0955 1904 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll 19:21:58.0971 1904 iphlpsvc - ok 19:21:58.0971 1904 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys 19:21:58.0986 1904 IPMIDRV - ok 19:21:59.0017 1904 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys 19:21:59.0017 1904 IPNAT - ok 19:21:59.0064 1904 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 19:21:59.0080 1904 iPod Service - ok 19:21:59.0127 1904 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys 19:21:59.0127 1904 IRENUM - ok 19:21:59.0142 1904 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys 19:21:59.0142 1904 isapnp - ok 19:21:59.0189 1904 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys 19:21:59.0205 1904 iScsiPrt - ok 19:21:59.0236 1904 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys 19:21:59.0236 1904 kbdclass - ok 19:21:59.0267 1904 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys 19:21:59.0267 1904 kbdhid - ok 19:21:59.0298 1904 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe 19:21:59.0298 1904 KeyIso - ok 19:21:59.0329 1904 [ DA1E991A61CFDD755A589E206B97644B ] KSecDD C:\windows\system32\Drivers\ksecdd.sys 19:21:59.0329 1904 KSecDD - ok 19:21:59.0345 1904 [ 7E33198D956943A4F11A5474C1E9106F ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys 19:21:59.0361 1904 KSecPkg - ok 19:21:59.0407 1904 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys 19:21:59.0407 1904 ksthunk - ok 19:21:59.0501 1904 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll 19:21:59.0517 1904 KtmRm - ok 19:21:59.0563 1904 [ 0E154DA6CA9105354A07D0C576804037 ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys 19:21:59.0563 1904 L1C - ok 19:21:59.0626 1904 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll 19:21:59.0641 1904 LanmanServer - ok 19:21:59.0673 1904 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll 19:21:59.0688 1904 LanmanWorkstation - ok 19:21:59.0751 1904 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys 19:21:59.0751 1904 lltdio - ok 19:21:59.0797 1904 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll 19:21:59.0813 1904 lltdsvc - ok 19:21:59.0829 1904 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll 19:21:59.0829 1904 lmhosts - ok 19:21:59.0891 1904 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys 19:21:59.0891 1904 LSI_FC - ok 19:21:59.0922 1904 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys 19:21:59.0922 1904 LSI_SAS - ok 19:21:59.0938 1904 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys 19:21:59.0938 1904 LSI_SAS2 - ok 19:21:59.0969 1904 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys 19:21:59.0969 1904 LSI_SCSI - ok 19:22:00.0031 1904 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys 19:22:00.0047 1904 luafv - ok 19:22:00.0078 1904 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\windows\system32\drivers\mbam.sys 19:22:00.0094 1904 MBAMProtector - ok 19:22:00.0156 1904 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 19:22:00.0172 1904 MBAMScheduler - ok 19:22:00.0250 1904 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 19:22:00.0265 1904 MBAMService - ok 19:22:00.0297 1904 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll 19:22:00.0297 1904 Mcx2Svc - ok 19:22:00.0328 1904 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys 19:22:00.0328 1904 megasas - ok 19:22:00.0390 1904 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys 19:22:00.0406 1904 MegaSR - ok 19:22:00.0453 1904 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll 19:22:00.0453 1904 MMCSS - ok 19:22:00.0468 1904 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys 19:22:00.0468 1904 Modem - ok 19:22:00.0515 1904 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys 19:22:00.0531 1904 monitor - ok 19:22:00.0562 1904 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys 19:22:00.0562 1904 mouclass - ok 19:22:00.0593 1904 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\drivers\mouhid.sys 19:22:00.0593 1904 mouhid - ok 19:22:00.0624 1904 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys 19:22:00.0624 1904 mountmgr - ok 19:22:00.0640 1904 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys 19:22:00.0640 1904 mpio - ok 19:22:00.0655 1904 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys 19:22:00.0671 1904 mpsdrv - ok 19:22:00.0718 1904 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll 19:22:00.0749 1904 MpsSvc - ok 19:22:00.0765 1904 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys 19:22:00.0765 1904 MRxDAV - ok 19:22:00.0811 1904 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys 19:22:00.0811 1904 mrxsmb - ok 19:22:00.0843 1904 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys 19:22:00.0858 1904 mrxsmb10 - ok 19:22:00.0889 1904 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys 19:22:00.0889 1904 mrxsmb20 - ok 19:22:00.0936 1904 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys 19:22:00.0936 1904 msahci - ok 19:22:00.0967 1904 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys 19:22:00.0967 1904 msdsm - ok 19:22:00.0999 1904 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe 19:22:00.0999 1904 MSDTC - ok 19:22:01.0045 1904 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys 19:22:01.0061 1904 Msfs - ok 19:22:01.0077 1904 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys 19:22:01.0077 1904 mshidkmdf - ok 19:22:01.0123 1904 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys 19:22:01.0123 1904 msisadrv - ok 19:22:01.0170 1904 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll 19:22:01.0170 1904 MSiSCSI - ok 19:22:01.0186 1904 msiserver - ok 19:22:01.0217 1904 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 19:22:01.0217 1904 MSKSSRV - ok 19:22:01.0264 1904 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 19:22:01.0264 1904 MSPCLOCK - ok 19:22:01.0264 1904 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys 19:22:01.0279 1904 MSPQM - ok 19:22:01.0311 1904 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys 19:22:01.0311 1904 MsRPC - ok 19:22:01.0342 1904 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys 19:22:01.0342 1904 mssmbios - ok 19:22:01.0373 1904 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys 19:22:01.0389 1904 MSTEE - ok 19:22:01.0389 1904 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys 19:22:01.0404 1904 MTConfig - ok 19:22:01.0435 1904 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys 19:22:01.0435 1904 Mup - ok 19:22:01.0482 1904 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll 19:22:01.0498 1904 napagent - ok 19:22:01.0560 1904 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 19:22:01.0560 1904 NativeWifiP - ok 19:22:01.0623 1904 [ 2DBE90210DE76BE6E1653BB20EC70EC2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120122.004\ENG64.SYS 19:22:01.0623 1904 NAVENG - ok 19:22:01.0701 1904 [ 346DA70E203B8E2C850277713DE8F71B ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120122.004\EX64.SYS 19:22:01.0732 1904 NAVEX15 - ok 19:22:01.0810 1904 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\windows\system32\drivers\ndis.sys 19:22:01.0825 1904 NDIS - ok 19:22:01.0857 1904 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 19:22:01.0872 1904 NdisCap - ok 19:22:01.0888 1904 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 19:22:01.0888 1904 NdisTapi - ok 19:22:01.0919 1904 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 19:22:01.0919 1904 Ndisuio - ok 19:22:01.0950 1904 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 19:22:01.0950 1904 NdisWan - ok 19:22:01.0981 1904 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys 19:22:01.0981 1904 NDProxy - ok 19:22:02.0013 1904 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 19:22:02.0013 1904 NetBIOS - ok 19:22:02.0044 1904 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 19:22:02.0044 1904 NetBT - ok 19:22:02.0075 1904 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe 19:22:02.0075 1904 Netlogon - ok 19:22:02.0137 1904 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll 19:22:02.0137 1904 Netman - ok 19:22:02.0169 1904 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll 19:22:02.0169 1904 netprofm - ok 19:22:02.0200 1904 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 19:22:02.0215 1904 NetTcpPortSharing - ok 19:22:02.0262 1904 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys 19:22:02.0278 1904 nfrd960 - ok 19:22:02.0371 1904 [ E78A365CC3E0FBFC018A33DCE01909F8 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe 19:22:02.0371 1904 NIS - ok 19:22:02.0418 1904 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll 19:22:02.0434 1904 NlaSvc - ok 19:22:02.0527 1904 Norton PC Checkup Application Launcher - ok 19:22:02.0574 1904 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys 19:22:02.0574 1904 Npfs - ok 19:22:02.0605 1904 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll 19:22:02.0605 1904 nsi - ok 19:22:02.0652 1904 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 19:22:02.0652 1904 nsiproxy - ok 19:22:02.0746 1904 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys 19:22:02.0777 1904 Ntfs - ok 19:22:02.0808 1904 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys 19:22:02.0808 1904 Null - ok 19:22:02.0871 1904 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys 19:22:02.0871 1904 nvraid - ok 19:22:02.0902 1904 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys 19:22:02.0902 1904 nvstor - ok 19:22:02.0964 1904 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys 19:22:02.0964 1904 nv_agp - ok 19:22:02.0980 1904 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 19:22:02.0980 1904 ohci1394 - ok 19:22:03.0027 1904 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll 19:22:03.0042 1904 p2pimsvc - ok 19:22:03.0073 1904 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll 19:22:03.0089 1904 p2psvc - ok 19:22:03.0120 1904 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys 19:22:03.0120 1904 Parport - ok 19:22:03.0167 1904 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys 19:22:03.0167 1904 partmgr - ok 19:22:03.0198 1904 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll 19:22:03.0214 1904 PcaSvc - ok 19:22:03.0276 1904 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe 19:22:03.0276 1904 PCCUJobMgr - ok 19:22:03.0323 1904 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys 19:22:03.0323 1904 pci - ok 19:22:03.0354 1904 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys 19:22:03.0354 1904 pciide - ok 19:22:03.0385 1904 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys 19:22:03.0401 1904 pcmcia - ok 19:22:03.0448 1904 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys 19:22:03.0463 1904 pcw - ok 19:22:03.0495 1904 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys 19:22:03.0510 1904 PEAUTH - ok 19:22:03.0619 1904 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe 19:22:03.0619 1904 PerfHost - ok 19:22:03.0697 1904 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys 19:22:03.0697 1904 PGEffect - ok 19:22:03.0775 1904 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll 19:22:03.0791 1904 pla - ok 19:22:03.0853 1904 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll 19:22:03.0869 1904 PlugPlay - ok 19:22:03.0885 1904 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll 19:22:03.0900 1904 PNRPAutoReg - ok 19:22:03.0916 1904 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll 19:22:03.0931 1904 PNRPsvc - ok 19:22:03.0978 1904 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll 19:22:03.0978 1904 PolicyAgent - ok 19:22:04.0009 1904 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll 19:22:04.0025 1904 Power - ok 19:22:04.0072 1904 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 19:22:04.0072 1904 PptpMiniport - ok 19:22:04.0103 1904 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys 19:22:04.0103 1904 Processor - ok 19:22:04.0150 1904 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll 19:22:04.0150 1904 ProfSvc - ok 19:22:04.0197 1904 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe 19:22:04.0197 1904 ProtectedStorage - ok 19:22:04.0259 1904 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys 19:22:04.0259 1904 Psched - ok 19:22:04.0368 1904 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys 19:22:04.0399 1904 ql2300 - ok 19:22:04.0415 1904 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys 19:22:04.0415 1904 ql40xx - ok 19:22:04.0462 1904 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll 19:22:04.0477 1904 QWAVE - ok 19:22:04.0509 1904 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys 19:22:04.0509 1904 QWAVEdrv - ok 19:22:04.0540 1904 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 19:22:04.0540 1904 RasAcd - ok 19:22:04.0571 1904 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys 19:22:04.0571 1904 RasAgileVpn - ok 19:22:04.0587 1904 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll 19:22:04.0602 1904 RasAuto - ok 19:22:04.0633 1904 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 19:22:04.0633 1904 Rasl2tp - ok 19:22:04.0680 1904 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll 19:22:04.0696 1904 RasMan - ok 19:22:04.0711 1904 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 19:22:04.0711 1904 RasPppoe - ok 19:22:04.0758 1904 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys 19:22:04.0758 1904 RasSstp - ok 19:22:04.0789 1904 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 19:22:04.0789 1904 rdbss - ok 19:22:04.0821 1904 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys 19:22:04.0821 1904 rdpbus - ok 19:22:04.0852 1904 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 19:22:04.0852 1904 RDPCDD - ok 19:22:04.0899 1904 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys 19:22:04.0899 1904 RDPENCDD - ok 19:22:04.0945 1904 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys 19:22:04.0945 1904 RDPREFMP - ok 19:22:04.0992 1904 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys 19:22:04.0992 1904 RDPWD - ok 19:22:05.0039 1904 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys 19:22:05.0055 1904 rdyboost - ok 19:22:05.0086 1904 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll 19:22:05.0086 1904 RemoteAccess - ok 19:22:05.0133 1904 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll 19:22:05.0148 1904 RemoteRegistry - ok 19:22:05.0164 1904 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll 19:22:05.0164 1904 RpcEptMapper - ok 19:22:05.0211 1904 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe 19:22:05.0211 1904 RpcLocator - ok 19:22:05.0273 1904 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll 19:22:05.0273 1904 RpcSs - ok 19:22:05.0320 1904 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 19:22:05.0320 1904 rspndr - ok 19:22:05.0398 1904 [ 0E3DCF76F11DC431B088A2DFD7265CDA ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys 19:22:05.0398 1904 RSUSBSTOR - ok 19:22:05.0491 1904 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys 19:22:05.0507 1904 RTL8192Ce - ok 19:22:05.0523 1904 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe 19:22:05.0538 1904 SamSs - ok 19:22:05.0569 1904 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys 19:22:05.0569 1904 sbp2port - ok 19:22:05.0616 1904 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll 19:22:05.0616 1904 SCardSvr - ok 19:22:05.0647 1904 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys 19:22:05.0647 1904 scfilter - ok 19:22:05.0710 1904 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll 19:22:05.0741 1904 Schedule - ok 19:22:05.0772 1904 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll 19:22:05.0772 1904 SCPolicySvc - ok 19:22:05.0803 1904 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll 19:22:05.0803 1904 SDRSVC - ok 19:22:05.0850 1904 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys 19:22:05.0850 1904 secdrv - ok 19:22:05.0881 1904 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll 19:22:05.0881 1904 seclogon - ok 19:22:05.0913 1904 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll 19:22:05.0913 1904 SENS - ok 19:22:05.0959 1904 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll 19:22:05.0959 1904 SensrSvc - ok 19:22:06.0006 1904 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys 19:22:06.0006 1904 Serenum - ok 19:22:06.0037 1904 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys 19:22:06.0037 1904 Serial - ok 19:22:06.0053 1904 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys 19:22:06.0053 1904 sermouse - ok 19:22:06.0100 1904 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll 19:22:06.0115 1904 SessionEnv - ok 19:22:06.0131 1904 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys 19:22:06.0131 1904 sffdisk - ok 19:22:06.0131 1904 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys 19:22:06.0147 1904 sffp_mmc - ok 19:22:06.0147 1904 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys 19:22:06.0162 1904 sffp_sd - ok 19:22:06.0178 1904 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys 19:22:06.0178 1904 sfloppy - ok 19:22:06.0271 1904 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll 19:22:06.0287 1904 SharedAccess - ok 19:22:06.0349 1904 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll 19:22:06.0349 1904 ShellHWDetection - ok 19:22:06.0412 1904 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys 19:22:06.0412 1904 SiSRaid2 - ok 19:22:06.0427 1904 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys 19:22:06.0427 1904 SiSRaid4 - ok 19:22:06.0630 1904 [ 183F04C6742902F33039913A96F5B574 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 19:22:06.0677 1904 Skype C2C Service - ok 19:22:06.0771 1904 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 19:22:06.0771 1904 SkypeUpdate - ok 19:22:06.0802 1904 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys 19:22:06.0817 1904 Smb - ok 19:22:06.0864 1904 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe 19:22:06.0880 1904 SNMPTRAP - ok 19:22:06.0895 1904 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys 19:22:06.0895 1904 spldr - ok 19:22:06.0942 1904 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\windows\System32\spoolsv.exe 19:22:06.0958 1904 Spooler - ok 19:22:07.0067 1904 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe 19:22:07.0129 1904 sppsvc - ok 19:22:07.0161 1904 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll 19:22:07.0176 1904 sppuinotify - ok 19:22:07.0254 1904 [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP C:\windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS 19:22:07.0270 1904 SRTSP - ok 19:22:07.0317 1904 [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX C:\windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS 19:22:07.0317 1904 SRTSPX - ok 19:22:07.0363 1904 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys 19:22:07.0363 1904 srv - ok 19:22:07.0395 1904 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys 19:22:07.0410 1904 srv2 - ok 19:22:07.0441 1904 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys 19:22:07.0441 1904 srvnet - ok 19:22:07.0504 1904 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll 19:22:07.0504 1904 SSDPSRV - ok 19:22:07.0519 1904 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll 19:22:07.0535 1904 SstpSvc - ok 19:22:07.0566 1904 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys 19:22:07.0566 1904 stexstor - ok 19:22:07.0613 1904 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll 19:22:07.0629 1904 stisvc - ok 19:22:07.0660 1904 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys 19:22:07.0660 1904 swenum - ok 19:22:07.0707 1904 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll 19:22:07.0722 1904 swprv - ok 19:22:07.0785 1904 [ 6160145C7A87FC7672E8E3B886888176 ] SymDS C:\windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS 19:22:07.0785 1904 SymDS - ok 19:22:07.0831 1904 [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA C:\windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS 19:22:07.0847 1904 SymEFA - ok 19:22:07.0894 1904 [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent C:\windows\system32\Drivers\SYMEVENT64x86.SYS 19:22:07.0909 1904 SymEvent - ok 19:22:07.0941 1904 [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON C:\windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS 19:22:07.0941 1904 SymIRON - ok 19:22:08.0003 1904 [ A6ADB3D83023F8DAA0F7B6FDA785D83B ] SymNetS C:\windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS 19:22:08.0019 1904 SymNetS - ok 19:22:08.0081 1904 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll 19:22:08.0112 1904 SysMain - ok 19:22:08.0143 1904 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll 19:22:08.0143 1904 TabletInputService - ok 19:22:08.0190 1904 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll 19:22:08.0190 1904 TapiSrv - ok 19:22:08.0221 1904 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll 19:22:08.0237 1904 TBS - ok 19:22:08.0331 1904 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\windows\system32\drivers\tcpip.sys 19:22:08.0362 1904 Tcpip - ok 19:22:08.0409 1904 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys 19:22:08.0440 1904 TCPIP6 - ok 19:22:08.0487 1904 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys 19:22:08.0487 1904 tcpipreg - ok 19:22:08.0518 1904 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys 19:22:08.0533 1904 tdcmdpst - ok 19:22:08.0565 1904 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys 19:22:08.0565 1904 TDPIPE - ok 19:22:08.0596 1904 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys 19:22:08.0596 1904 TDTCP - ok 19:22:08.0658 1904 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys 19:22:08.0658 1904 tdx - ok 19:22:08.0689 1904 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys 19:22:08.0689 1904 TermDD - ok 19:22:08.0736 1904 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll 19:22:08.0752 1904 TermService - ok 19:22:08.0767 1904 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll 19:22:08.0783 1904 Themes - ok 19:22:08.0814 1904 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll 19:22:08.0830 1904 THREADORDER - ok 19:22:08.0877 1904 [ DFE9BA871B9F3DBB591BD113611CBCC0 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe 19:22:08.0877 1904 TMachInfo - ok 19:22:08.0923 1904 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe 19:22:08.0923 1904 TODDSrv - ok 19:22:09.0001 1904 [ DB9719688C08F42705FEB3F6A0C98B91 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe 19:22:09.0001 1904 TosCoSrv - ok 19:22:09.0095 1904 [ 74C2FA8C3765EE71A9C22182EC108457 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe 19:22:09.0095 1904 TOSHIBA HDD SSD Alert Service - ok 19:22:09.0142 1904 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll 19:22:09.0142 1904 TrkWks - ok 19:22:09.0204 1904 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe 19:22:09.0204 1904 TrustedInstaller - ok 19:22:09.0251 1904 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys 19:22:09.0267 1904 tssecsrv - ok 19:22:09.0282 1904 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys 19:22:09.0298 1904 TsUsbFlt - ok 19:22:09.0313 1904 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys 19:22:09.0313 1904 TsUsbGD - ok 19:22:09.0345 1904 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys 19:22:09.0345 1904 tunnel - ok 19:22:09.0407 1904 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS 19:22:09.0407 1904 TVALZ - ok 19:22:09.0423 1904 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys 19:22:09.0423 1904 uagp35 - ok 19:22:09.0469 1904 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys 19:22:09.0485 1904 udfs - ok 19:22:09.0516 1904 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe 19:22:09.0532 1904 UI0Detect - ok 19:22:09.0579 1904 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys 19:22:09.0579 1904 uliagpkx - ok 19:22:09.0625 1904 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys 19:22:09.0625 1904 umbus - ok 19:22:09.0641 1904 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys 19:22:09.0641 1904 UmPass - ok 19:22:09.0672 1904 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll 19:22:09.0672 1904 upnphost - ok 19:22:09.0719 1904 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys 19:22:09.0719 1904 USBAAPL64 - ok 19:22:09.0750 1904 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys 19:22:09.0750 1904 usbccgp - ok 19:22:09.0813 1904 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys 19:22:09.0813 1904 usbcir - ok 19:22:09.0859 1904 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys 19:22:09.0859 1904 usbehci - ok 19:22:09.0891 1904 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys 19:22:09.0906 1904 usbhub - ok 19:22:09.0953 1904 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys 19:22:09.0953 1904 usbohci - ok 19:22:09.0984 1904 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys 19:22:09.0984 1904 usbprint - ok 19:22:10.0015 1904 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS 19:22:10.0015 1904 USBSTOR - ok 19:22:10.0062 1904 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys 19:22:10.0062 1904 usbuhci - ok 19:22:10.0078 1904 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys 19:22:10.0093 1904 usbvideo - ok 19:22:10.0125 1904 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll 19:22:10.0140 1904 UxSms - ok 19:22:10.0171 1904 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe 19:22:10.0171 1904 VaultSvc - ok 19:22:10.0187 1904 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys 19:22:10.0203 1904 vdrvroot - ok 19:22:10.0234 1904 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe 19:22:10.0234 1904 vds - ok 19:22:10.0281 1904 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys 19:22:10.0296 1904 vga - ok 19:22:10.0312 1904 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys 19:22:10.0312 1904 VgaSave - ok 19:22:10.0374 1904 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys 19:22:10.0374 1904 vhdmp - ok 19:22:10.0390 1904 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys 19:22:10.0390 1904 viaide - ok 19:22:10.0437 1904 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys 19:22:10.0437 1904 volmgr - ok 19:22:10.0468 1904 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys 19:22:10.0483 1904 volmgrx - ok 19:22:10.0499 1904 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys 19:22:10.0499 1904 volsnap - ok 19:22:10.0577 1904 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys 19:22:10.0577 1904 vsmraid - ok 19:22:10.0671 1904 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe 19:22:10.0702 1904 VSS - ok 19:22:10.0717 1904 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys 19:22:10.0717 1904 vwifibus - ok 19:22:10.0764 1904 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys 19:22:10.0764 1904 vwififlt - ok 19:22:10.0842 1904 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys 19:22:10.0842 1904 vwifimp - ok 19:22:10.0889 1904 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll 19:22:10.0905 1904 W32Time - ok 19:22:10.0951 1904 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys 19:22:10.0951 1904 WacomPen - ok 19:22:10.0983 1904 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys 19:22:10.0998 1904 WANARP - ok 19:22:10.0998 1904 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys 19:22:10.0998 1904 Wanarpv6 - ok 19:22:11.0076 1904 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe 19:22:11.0107 1904 WatAdminSvc - ok 19:22:11.0170 1904 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe 19:22:11.0201 1904 wbengine - ok 19:22:11.0232 1904 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll 19:22:11.0248 1904 WbioSrvc - ok 19:22:11.0279 1904 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll 19:22:11.0279 1904 wcncsvc - ok 19:22:11.0310 1904 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll 19:22:11.0326 1904 WcsPlugInService - ok 19:22:11.0388 1904 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys 19:22:11.0388 1904 Wd - ok 19:22:11.0451 1904 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys 19:22:11.0466 1904 Wdf01000 - ok 19:22:11.0497 1904 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll 19:22:11.0497 1904 WdiServiceHost - ok 19:22:11.0513 1904 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll 19:22:11.0513 1904 WdiSystemHost - ok 19:22:11.0575 1904 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll 19:22:11.0575 1904 WebClient - ok 19:22:11.0622 1904 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll 19:22:11.0622 1904 Wecsvc - ok 19:22:11.0638 1904 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll 19:22:11.0653 1904 wercplsupport - ok 19:22:11.0685 1904 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll 19:22:11.0685 1904 WerSvc - ok 19:22:11.0716 1904 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys 19:22:11.0716 1904 WfpLwf - ok 19:22:11.0747 1904 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys 19:22:11.0747 1904 WIMMount - ok 19:22:11.0778 1904 WinDefend - ok 19:22:11.0794 1904 WinHttpAutoProxySvc - ok 19:22:11.0872 1904 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll 19:22:11.0872 1904 Winmgmt - ok 19:22:11.0965 1904 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll 19:22:11.0997 1904 WinRM - ok 19:22:12.0059 1904 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys 19:22:12.0059 1904 WinUsb - ok 19:22:12.0106 1904 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll 19:22:12.0137 1904 Wlansvc - ok 19:22:12.0215 1904 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 19:22:12.0215 1904 wlcrasvc - ok 19:22:12.0309 1904 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 19:22:12.0340 1904 wlidsvc - ok 19:22:12.0371 1904 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys 19:22:12.0371 1904 WmiAcpi - ok 19:22:12.0418 1904 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe 19:22:12.0433 1904 wmiApSrv - ok 19:22:12.0480 1904 WMPNetworkSvc - ok 19:22:12.0511 1904 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll 19:22:12.0527 1904 WPCSvc - ok 19:22:12.0543 1904 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll 19:22:12.0558 1904 WPDBusEnum - ok 19:22:12.0589 1904 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys 19:22:12.0589 1904 ws2ifsl - ok 19:22:12.0636 1904 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll 19:22:12.0652 1904 wscsvc - ok 19:22:12.0667 1904 WSearch - ok 19:22:12.0777 1904 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll 19:22:12.0823 1904 wuauserv - ok 19:22:12.0855 1904 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys 19:22:12.0855 1904 WudfPf - ok 19:22:12.0901 1904 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys 19:22:12.0917 1904 WUDFRd - ok 19:22:12.0933 1904 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll 19:22:12.0948 1904 wudfsvc - ok 19:22:12.0979 1904 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll 19:22:12.0995 1904 WwanSvc - ok 19:22:13.0089 1904 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe 19:22:13.0104 1904 YahooAUService - ok 19:22:13.0135 1904 ================ Scan global =============================== 19:22:13.0182 1904 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll 19:22:13.0213 1904 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll 19:22:13.0229 1904 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll 19:22:13.0276 1904 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll 19:22:13.0307 1904 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe 19:22:13.0323 1904 [Global] - ok 19:22:13.0323 1904 ================ Scan MBR ================================== 19:22:13.0354 1904 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0 19:22:13.0681 1904 \Device\Harddisk0\DR0 - ok 19:22:13.0681 1904 ================ Scan VBR ================================== 19:22:13.0697 1904 [ 80FF801DBE2BBB8D72C04DF77D231689 ] \Device\Harddisk0\DR0\Partition1 19:22:13.0697 1904 \Device\Harddisk0\DR0\Partition1 - ok 19:22:13.0713 1904 ============================================================ 19:22:13.0713 1904 Scan finished 19:22:13.0713 1904 ============================================================ 19:22:13.0744 1408 Detected object count: 0 19:22:13.0744 1408 Actual detected object count: 0
  5. In Step 3, I enter the command and the folder for Chameleon opens up, and not Command Prompt? I copy/pasted the entire command including the " marks to the end of the command into the Run dialog box but it only opens the folder and doesn't run anything.
  6. I'm posting from a different pc so its easier on both of us. Here are the results: (Also, no matter what I tried, Rkill never had the option for Run As Administrator, [but RogueKiller did, and ran accordingly]) Rkill 2.4.7 by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2013 BleepingComputer.com More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html Program started at: 02/25/2013 04:05:57 PM in x64 mode. Windows Version: Windows 7 Home Premium Service Pack 1 Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * No malware processes found to kill. Checking Registry for malware related settings: * No issues found in the Registry. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * No issues found. Checking Windows Service Integrity: * COM+ Event System (EventSystem) is not Running. Startup Type set to: Automatic * Security Center (wscsvc) is not Running. Startup Type set to: Automatic (Delayed Start) * Windows Update (wuauserv) is not Running. Startup Type set to: Automatic (Delayed Start) Searching for Missing Digital Signatures: * No issues found. Checking HOSTS File: * Cannot edit the HOSTS file. * Permissions Fixed. Administrators can now edit the HOSTS file. * HOSTS file entries found: 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 20 out of 15330 HOSTS entries shown. Please review HOSTS file for further entries. Program finished at: 02/25/2013 04:06:20 PM Execution time: 0 hours(s), 0 minute(s), and 23 seconds(s) -End Rkill- RogueKiller V8.5.2 [Feb 23 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Safe mode with network support User : Mesha Lynn [Admin rights] Mode : Scan -- Date : 02/25/2013 16:13:54 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 11 ¤¤¤ [RUN][ROGUE ST] HKLM\[...]\Wow6432Node\RunOnce : 1 (C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.exe /r /p) -> FOUND [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND [HJ] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> FOUND [HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND [HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND [HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorUser (0) -> FOUND [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\windows\system32\drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com [...] ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: TOSHIBA MK3275GSX SATA Disk Device +++++ --- User --- [MBR] ccf60736590eef2cfd6a7aa695256f66 [bSP] 66145dbfca0f0410ab0749a594446f83 : Windows Vista MBR Code Partition table: 0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 292137 Mo 2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 601370624 | Size: 11607 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_02252013_02d1613.txt >> RKreport[1]_S_02252013_02d1613.txt -End RogueKiller-
  7. lHad PC MightyMax 2012, rem0ved it, Ma1warebytes was then insta11ed and f0und Win32.Delf.uv with other less seri0us infecti0ns. Have a11 10g fi1es. A1s0 as y0u may have n0ticed, typing is extreme1y difficu1t. Wind0ws 0n1y runs in Safe M0de, wi11 b00t n0rma11y but never fu11y 10ad. Here is my current DDS 10g: DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK Internet Explorer: 9.0.8112.16446 Run by Mesha Lynn at 17:04:42 on 2013-02-24 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2663.1594 [GMT -8:00] . AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k NetworkService C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\windows\System32\svchost.exe -k secsvcs C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\windows\system32\ctfmon.exe C:\windows\system32\taskmgr.exe C:\windows\explorer.exe C:\windows\hh.exe "C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe" C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.facebook.com/ uProxyOverride = <local>;*.local BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe" mRun: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:0 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} - hxxps://vcuhsra.mcvh-vcu.edu/vdesk/terminal/f5tunsrv.cab#version=7000,2011,1213,303 DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} - C:\Users\MESHAL~1\AppData\Local\Temp\IXP000.TMP\InstallerControl.cab#-1,-1,-1,-1 DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} - hxxps://vcuhsra.mcvh-vcu.edu/vdesk/terminal/vdeskctrl.cab#version=7000,2012,0712,0449 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} - hxxp://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} - hxxps://vcuhsra.mcvh-vcu.edu/vdesk/terminal/urxshost.cab#version=7000,2012,215,1913 DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} - hxxps://vcuhsra.mcvh-vcu.edu/vdesk/terminal/urxhost.cab#version=7000,2012,613,1512 TCP: NameServer = 192.168.1.1 TCP: Interfaces\{7194561C-36BB-401C-8C24-2C5908F5BF65} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{BBC53485-D51D-4DB0-9FB1-40BF7B824669} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{BBC53485-D51D-4DB0-9FB1-40BF7B824669}\2456C6B696E6F5E4F575962756C6563737F5546454341464 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{BBC53485-D51D-4DB0-9FB1-40BF7B824669}\84F4D454D283736483 : DHCPNameServer = 75.75.75.75 75.75.76.76 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe x64-Run: [smartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE x64-Run: [smoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll . INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> Hosts: 127.0.0.1 www.spywareinfo.com . ============= SERVICES / DRIVERS =============== . R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2011-12-7 75904] R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2011-12-7 38016] R0 SymDS;Symantec Data Store;C:\windows\System32\drivers\NISx64\1207020.003\symds64.sys [2012-6-11 450680] R0 SymEFA;Symantec Extended File Attributes;C:\windows\System32\drivers\NISx64\1207020.003\symefa64.sys [2012-6-11 912504] R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2010-11-11 137512] R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2011-12-7 9216] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2010-9-27 76912] R3 mbamchameleon;mbamchameleon;C:\windows\System32\drivers\mbamchameleon.sys [2013-2-24 36680] R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2011-12-7 1109096] S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20111223.001\BHDrvx64.sys [2011-11-30 1157240] S1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120120.002\IDSviA64.sys [2012-1-21 488568] S1 SymIRON;Symantec Iron Driver;C:\windows\System32\drivers\NISx64\1207020.003\ironx64.sys [2012-6-11 171128] S1 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\drivers\NISx64\1207020.003\symnets.sys [2012-6-11 386168] S2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-12-7 203776] S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE [2012-2-13 193816] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-2-21 398184] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-2-21 682344] S2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe [2012-6-11 130008] S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [2012-11-25 132056] S2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe [2011-12-7 126392] S2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944] S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE [2012-2-13 240408] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-25 138912] S3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2013-2-21 24176] S3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-12-7 38096] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-12-7 243712] S3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2011-12-7 51576] S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560] S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-4-25 52736] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-12-27 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-02-24 21:01:29 36680 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys 2013-02-24 12:26:18 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BD9DFA34-6349-4C10-A065-C1CE2A388C68}\offreg.dll 2013-02-24 12:23:56 9162192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BD9DFA34-6349-4C10-A065-C1CE2A388C68}\mpengine.dll 2013-02-24 04:08:00 -------- d-sh--w- C:\$RECYCLE.BIN 2013-02-24 01:49:00 98816 ----a-w- C:\windows\sed.exe 2013-02-24 01:49:00 256000 ----a-w- C:\windows\PEV.exe 2013-02-24 01:49:00 208896 ----a-w- C:\windows\MBR.exe 2013-02-22 09:27:49 -------- d-----w- C:\Program Files (x86)\Safer Networking 2013-02-22 02:11:44 -------- d-----w- C:\Users\Mesha Lynn\AppData\Roaming\Malwarebytes 2013-02-22 02:11:34 -------- d-----w- C:\ProgramData\Malwarebytes 2013-02-22 02:11:33 24176 ----a-w- C:\windows\System32\drivers\mbam.sys 2013-02-22 02:11:33 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-02-22 02:08:36 -------- d-----w- C:\Program Files\CCleaner 2013-02-21 23:57:59 -------- d-----w- C:\Program Files (x86)\VS Revo Group 2013-02-21 05:08:07 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2013-02-13 16:53:36 -------- d-----w- C:\Users\Mesha Lynn\AppData\Local\Symantec . ==================== Find3M ==================== . . ============= FINISH: 17:05:26.35 =============== And the attached 10g fi1e: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 12/25/2011 8:32:38 AM System Uptime: 2/23/2013 8:06:51 PM (21 hours ago) . Motherboard: TOSHIBA | | Portable PC Processor: AMD C-50 Processor | Socket FT1 | 997/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 285 GiB total, 195.687 GiB free. D: is CDROM (UDF) . ==== Disabled Device Manager Items ============= . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: Security Processor Loader Driver Device ID: ROOT\LEGACY_SPLDR\0000 Manufacturer: Name: Security Processor Loader Driver PNP Device ID: ROOT\LEGACY_SPLDR\0000 Service: spldr . ==== System Restore Points =================== . RP80: 12/8/2012 3:29:03 AM - Scheduled Checkpoint RP81: 12/11/2012 1:57:04 PM - Installed The Sims 3 RP82: 12/26/2012 8:26:21 PM - Scheduled Checkpoint RP83: 1/6/2013 2:29:40 PM - Scheduled Checkpoint RP84: 1/17/2013 10:43:21 AM - Scheduled Checkpoint RP85: 1/30/2013 6:44:50 AM - Scheduled Checkpoint RP86: 2/6/2013 12:17:30 PM - Scheduled Checkpoint . ==== Installed Programs ====================== . Adobe AIR Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Flash Player 11 ActiveX 64-bit Amazon Links Apple Application Support Apple Mobile Device Support Apple Software Update Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver ATI Catalyst Install Manager BIG-IP Edge Client Components (All Users) Bonjour Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Conexant HD Audio D3DX10 Diner Dash 2 ETDWare PS/2-X64 8.0.8.0_R01 Facebook Messenger 2.1.4651.0 Facebook Video Calling 1.2.0.287 Google Chrome Google Update Helper iTunes Java Auto Updater Junk Mail filter update Label@Once 1.0 Malwarebytes Anti-Malware version 1.70.0.1100 Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft WSE 3.0 Runtime MSVCRT MSVCRT_amd64 Norton Internet Security Norton PC Checkup ooVoo Origin PlayReady PC Runtime amd64 PlayReady PC Runtime x86 Realtek USB 2.0 Card Reader Realtek WLAN Driver RegAlyzer Revo Uninstaller 1.94 Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Skype Click to Call Skype Launcher Skype™ 6.0 The Sims 2 The Sims 2 Nightlife The Sims 2 Open For Business The Sims 2 Pets The Sims 2 University The Sims™ 2 Apartment Life The Sims™ 2 Bon Voyage The Sims™ 2 Mansion and Garden Stuff The Sims™ 3 Toshiba App Place TOSHIBA Application Installer TOSHIBA Assist Toshiba Book Place TOSHIBA Bulletin Board TOSHIBA Disc Creator TOSHIBA Face Recognition TOSHIBA Hardware Setup TOSHIBA HDD/SSD Alert Toshiba Laptop Checkup TOSHIBA Media Controller Toshiba Online Backup TOSHIBA Quality Application TOSHIBA Recovery Media Creator TOSHIBA ReelTime TOSHIBA Service Station TOSHIBA Supervisor Password TOSHIBA Value Added Package TOSHIBA Web Camera Application ToshibaRegistration Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WModem Driver Installer WMV9/VC-1 Video Playback Yahoo! Messenger Yahoo! Software Update . ==== Event Viewer Messages From Past Week ======== . 2/24/2013 5:03:21 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 2/24/2013 4:11:03 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} 2/24/2013 1:02:39 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 2/23/2013 9:09:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} 2/23/2013 9:09:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 2/23/2013 8:08:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 2/23/2013 8:08:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 2/23/2013 8:08:06 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 2/23/2013 8:07:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 2/23/2013 8:07:40 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 discache eeCtrl IDSVia64 spldr SRTSPX SymIRON SymNetS Wanarpv6 2/23/2013 8:07:31 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000004, 0x0000000000000258, 0xfffffa8002013b50, 0xfffff80000b9c510). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 022313-23556-01. 2/23/2013 8:05:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service. 2/23/2013 8:04:53 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 2/23/2013 8:04:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service. 2/23/2013 8:01:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wlidsvc service. 2/23/2013 8:00:53 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service. 2/23/2013 7:54:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SENS service. 2/23/2013 7:53:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service. 2/23/2013 7:52:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service. 2/23/2013 7:51:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service. 2/23/2013 7:50:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanWorkstation service. 2/23/2013 7:33:52 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service. 2/23/2013 7:26:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service. 2/23/2013 7:25:24 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. 2/23/2013 7:25:24 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 2/23/2013 7:25:24 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 2/23/2013 7:12:24 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097} 2/23/2013 7:11:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BITS service. 2/23/2013 7:11:22 PM, Error: Service Control Manager [7000] - The Background Intelligent Transfer Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 2/23/2013 6:57:57 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service. 2/23/2013 6:57:57 PM, Error: Service Control Manager [7000] - The Server service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 2/23/2013 6:55:04 PM, Error: Service Control Manager [7001] - The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: After starting, the service hung in a start-pending state. 2/23/2013 6:53:33 PM, Error: Service Control Manager [7022] - The Remote Access Connection Manager service hung on starting. 2/23/2013 6:50:29 PM, Error: Service Control Manager [7022] - The IP Helper service hung on starting. 2/23/2013 6:46:58 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Yahoo! Updater service to connect. 2/23/2013 6:46:58 PM, Error: Service Control Manager [7000] - The Yahoo! Updater service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 2/23/2013 6:04:27 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 2/23/2013 5:49:07 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623} 2/23/2013 5:23:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service. 2/23/2013 12:46:55 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 2/23/2013 12:46:50 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 2/23/2013 12:46:50 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 2/23/2013 12:46:24 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf ws2ifsl 2/23/2013 12:46:22 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 2/23/2013 12:46:22 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 2/23/2013 12:46:22 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 2/23/2013 12:46:22 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 2/23/2013 12:46:22 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 2/23/2013 12:46:22 AM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 2/23/2013 12:46:22 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 2/23/2013 12:46:21 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 2/23/2013 12:46:21 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 2/23/2013 12:46:21 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 2/23/2013 12:46:21 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 2/23/2013 12:44:19 AM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control. 2/22/2013 5:23:30 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect. 2/22/2013 5:23:30 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 2/22/2013 4:42:51 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service. 2/22/2013 4:42:09 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Apple Mobile Device service. 2/22/2013 4:38:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect. 2/22/2013 4:38:37 PM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 2/22/2013 4:38:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69} 2/22/2013 4:19:31 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EapHost service. 2/22/2013 4:18:22 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service. 2/22/2013 3:41:49 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting. 2/22/2013 3:39:44 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect. 2/22/2013 3:39:44 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 2/22/2013 3:28:24 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect. 2/22/2013 3:28:24 AM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Updating Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 2/22/2013 3:17:24 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Browser service. 2/22/2013 11:09:21 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service. 2/22/2013 11:03:42 AM, Error: Service Control Manager [7022] - The Windows Font Cache Service service hung on starting. 2/22/2013 11:01:37 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect. 2/22/2013 10:58:42 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect. 2/22/2013 10:53:00 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000004, 0x0000000000000258, 0xfffffa8002013040, 0xfffff8000419d510). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 022213-36285-01. 2/22/2013 10:40:23 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Font Cache Service service to connect. 2/22/2013 10:40:23 AM, Error: Service Control Manager [7000] - The Windows Font Cache Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 2/22/2013 10:21:57 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the seclogon service. 2/22/2013 10:20:27 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service. 2/22/2013 10:19:57 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service. 2/21/2013 6:57:42 PM, Error: Service Control Manager [7031] - The Windows Defender service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 2/21/2013 6:00:16 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service YahooAUService with arguments "" in order to run the server: {90AFF435-B544-4F94-A0C2-CC020EACA4E3} 2/21/2013 3:53:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046} 2/20/2013 8:39:12 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. 2/20/2013 8:23:59 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 2/20/2013 8:23:59 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535. 2/20/2013 6:56:58 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf 2/20/2013 11:18:37 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FontCache service. 2/20/2013 11:14:00 PM, Error: Service Control Manager [7022] - The Windows Search service hung on starting. 2/20/2013 11:11:22 PM, Error: Service Control Manager [7022] - The Function Discovery Resource Publication service hung on starting. . ==== End Of File ===========================</orphaned></orphaned></orphaned></orphaned></orphaned></local>
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.